…
// 헤더 파일 어딘가에, 이벤트 ID를 정의 // // MessageId: MSG_ERR_EXIST // MessageText: // File %1 does not exist. // #define MSG_ERR_EXIST ((DWORD)0xC0000004L) ... void MyReportEvent(LPCTSTR *szMsg) { HANDLE h; h = RegisterEventSource( NULL, // uses local computer TEXT("SamplApp") // source name ); if (h == NULL) ErrorExit("Could not register the event source."); if (!ReportEvent(h, // event log handle EVENTLOG_ERROR_TYPE, // event type 0, // category zero MSG_ERR_EXIST, // event identifier NULL, // no user security identifier 1, // one substitution string 0, // no data szMsg, // pointer to string array NULL)) // pointer to data { ErrorExit(TEXT("Could not report the event.")); } DeregisterEventSource(h); }
void DisplayEntries( ) { HANDLE h; EVENTLOGRECORD *pevlr; BYTE bBuffer[BUFFER_SIZE]; DWORD dwRead, dwNeeded, cRecords, dwThisRecord; // Open the Application event log. h = OpenEventLog( NULL, // use local computer "Application" // source name ); if (h == NULL) ErrorExit("Could not open the Application event log."); pevlr = (EVENTLOGRECORD*)&bBuffer; // Get the record number of the oldest event log record. GetOldestEventLogRecord(h, &dwThisRecord); // Opening the event log positions the file pointer for this // handle at the beginning of the log. Read the event log records // sequentially until the last record has been read. while (ReadEventLog(h, // event log handle EVENTLOG_FORWARDS_READ | // reads forward EVENTLOG_SEQUENTIAL_READ, // sequential read 0, // ignored for sequential reads pevlr, // pointer to buffer BUFFER_SIZE, // size of buffer &dwRead, // number of bytes read &dwNeeded)) // bytes in next record { while (dwRead > 0) { // Print the record number, event identifier, type, // and source name. printf("%02d Event ID: 0x%08X ", dwThisRecord++, pevlr->EventID); printf("EventType: %d Source: %s\n", pevlr->EventType, (LPSTR) ((LPBYTE) pevlr + sizeof(EVENTLOGRECORD))); dwRead -= pevlr->Length; pevlr = (EVENTLOGRECORD*)((LPBYTE) pevlr + pevlr->Length); } pevlr = (EVENTLOGRECORD *) &bBuffer; } CloseEventLog(h); }